Executing the Client

The proxy service expects to receive a signed and encrypted message as specified
by the security policy. Please see Apache Rampart and Axis2 documentation on the
format of the policy file. The element 'enableSec' specifies that Apache Rampart
should be engaged on this proxy service. Hence if Rampart rejects any request
messages that does not conform to the specified policy, those messages will
never reach the 'inSequence' to be processed. To execute the client, send a stock
quote request to the proxy service, and sign and encrypt the request by specifying
the client side security policy as follows:

By following through the debug logs or TCPMon output, you can see that the
request received by the proxy service is signed and encrypted. Also, looking up
the WSDL of the proxy service by requesting the URL http://localhost:8280/services/StockQuoteProxy?wsdl
reveals that the security policy is attached to the provided base WSDL. When
sending the message to the backend service, you can verify that the security
headers are removed. The response received from Axis2 does not use WS-Security,
but the response forwarded back to the client is signed and encrypted as
expected by the client.